package com.jifeng.sterilizer.config;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.jifeng.sterilizer.constant.WXUrlConstant;
import com.jifeng.sterilizer.entity.UserEntity;
import com.jifeng.sterilizer.token.utils.EncryptUtil;
import com.jifeng.sterilizer.utils.HttpUtils;
import net.bytebuddy.implementation.bytecode.Throw;
import org.apache.commons.lang.StringUtils;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsConfig implements Filter {

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException, ServletException {

        HttpServletResponse response = (HttpServletResponse) res;
        HttpServletRequest request = (HttpServletRequest) req;

//        String requestURI = request.getRequestURI();
//        if (requestURI.equals(WXUrlConstant.WX_LIST_USER_DEVICES) || requestURI.equals(WXUrlConstant.WX_LIST_USER_CONTROLLER)
//                || requestURI.equals(WXUrlConstant.WX_DEVICES_STATUS) || requestURI.equals(WXUrlConstant.WX_CONTROLLER_STATUS)
//        ) {
//            String authorization = request.getHeader("Authorization");
//            int i = authorization.indexOf(" ");
//            String substring = authorization.substring(i + 1);
//            String uid = request.getParameter("userId");
//            if (!StringUtils.isEmpty(authorization) && !StringUtils.isEmpty(uid)) {
//                Map tokenInfo = HttpUtils.getTokenInfo(substring);
//                String id = String.valueOf(tokenInfo.get("id"));
//                if (!id.equals(uid)) {
//                    response.sendError(601, "无效的登录信息！");
//                    return;
//                }
//            }
//        }

        //允许所有的域访问
        response.setHeader("Access-Control-Allow-Origin", "*");
        //允许所有方式的请求
        response.setHeader("Access-Control-Allow-Methods", "*");
        //头信息缓存有效时长（如果不设 Chromium 同时规定了一个默认值 5 秒），没有缓存将已OPTIONS进行预请求
        response.setHeader("Access-Control-Max-Age", "3600");
        //允许的头信息
        response.setHeader("Access-Control-Allow-Headers",
                "authorization,Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,lf-Modified-Since,Cache-Control,Content-Type");
//        response.setHeader("Access-Control-Allow-Headers", "*");

//        response.setHeader("Cache-Control","no-cache");

        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
        } else {
            chain.doFilter(req, res);
        }
    }
}

